System and method for device transaction authorization

ABSTRACT

A computer-implemented method includes registering a user device and an internet-of-things (IOT) device for use in a transaction-by-proxy service; collecting behavior-related data associated with a user of the user device and the first IOT device; and using the behavior-related data as part of the transaction-by-proxy service to generate a transaction-by-proxy at the IOT device on behalf of the user of the user device. The computer-implemented method further includes generating a transaction-by-proxy model using the behavior-related data associated with the user and training the transaction-by-proxy model to determine whether to request the transaction-by-proxy.

BACKGROUND

The background description provided herein is for the purpose ofgenerally presenting the context of the disclosure. Work of thepresently named inventor, to the extent it is described in thisbackground section, as well as aspects of the description that may nototherwise qualify as prior art at the time of filing, are neitherexpressly nor impliedly admitted as prior art against the presentdisclosure.

As users of payment systems become increasingly busy and distracted intheir day-to-day activities, there is often not enough time to makemundane purchases or conduct monotonous financial transactions withbanking institutions. In addition, trusting other individuals to conductfinancial transactions on behalf of the users can lead to identity theftand fraud, which has become more common in online financialtransactions. As a result, trust has been broken between the users ofpayment systems and the individuals and institutions entrusted toperform the transactions. Therefore, a need exists to enable users ofpayment systems to have personalized financial transactions occurwithout wasting valuable time and energy.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a system for generating atransaction-by-proxy in a transaction-by-proxy service in accordancewith some embodiments.

FIG. 2 is a block diagram illustrating a system that utilizes aninternet-of-things (IOT) device to generate the transaction-by-proxy inthe transaction-by-proxy service of FIG. 1 in accordance with someembodiments.

FIG. 3 is an illustration of an exemplary combination system and methodfor generating a transaction-by-proxy that is used in providing thetransaction-by-proxy service of FIG. 1 in accordance with someembodiments.

FIG. 4 is a flow diagram illustrating a method for generating thetransaction-by-proxy model of FIG. 1 in accordance with someembodiments.

FIG. 5 is a flow diagram illustrating a method for generating atransaction-by-proxy request using the transaction-by-proxy model ofFIG. 1 in accordance with some embodiments.

FIG. 6 is a flow diagram illustrating a method for approving thetransaction-by-proxy request of FIG. 3 in accordance with someembodiments.

FIG. 7 is an exemplary system used to generate a transaction-by-proxy inaccordance with some embodiments.

DETAILED DESCRIPTION

FIGS. 1-7 illustrate systems and techniques configured to allow a userof a user device to utilize an internet-of-thing (IOT) device to make atransaction-by-proxy on behalf of the user of the user device. In someembodiments, a transaction-by-proxy is a transaction requested by anelectronic representative of the user, such as, an IOT device, that doesnot require direct approval from a user for performance, but insteadutilizes behavior of the user to generate and authorize the transaction.In some embodiments, the IOT device utilizes a transaction-by-proxymodel generated based on behavior-related patterns of the user forinitiation and verification of the transaction-by-proxy. In someembodiments, the transaction-by-proxy generated using thetransaction-by-proxy model allows IOT devices to make transactions, suchas, for example, purchases of merchandise or services, on behalf of theuser. The transaction-by-proxy service described herein is animprovement over existing systems in that the transaction-by-proxyservice eliminates the need for user 105 to directly request and approvea transaction, instead, the transaction-by-proxy service requests andapproves the transaction, thereby making the process of making financialtransactions more efficient.

As used herein, the term “account data,” refers to any data concerningone or more accounts for one or more users. Account data may include,for example, one or more account identifiers, user identifiers,transaction histories, balances, credit limits, issuer institutionidentifiers, and/or the like.

As used herein, the term “account identifier” may include one or moretypes of identifiers associated with a user account (e.g., a PAN, aprimary account number, a card number, a payment card number, a token,and/or the like). In some non-limiting embodiments, an issuerinstitution may provide an account identifier (e.g., a PAN, a token,and/or the like) to a user that uniquely identifies one or more accountsassociated with that user. The account identifier may be embodied on apayment device (e.g., a portable payment instrument, a payment card, acredit card, a debit card, and/or the like) and/or may be electronicinformation communicated to the user that the user may use forelectronic payments. In some non-limiting embodiments, the accountidentifier may be an original account identifier, where the originalaccount identifier was provided to a user at the creation of the accountassociated with the account identifier. In some non-limitingembodiments, the account identifier may be an account identifier (e.g.,a supplemental account identifier) that is provided to a user after theoriginal account identifier was provided to the user. For example, ifthe original account identifier is forgotten, stolen, and/or the like, asupplemental account identifier may be provided to the user. In somenon-limiting embodiments, an account identifier may be directly orindirectly associated with an issuer institution such that an accountidentifier may be a token that maps to a PAN or other type ofidentifier. Account identifiers may be alphanumeric, any combination ofcharacters and/or symbols, and/or the like. An issuer institution may beassociated with a bank identification number (BIN) that uniquelyidentifies the issuer institution.

As used herein, the terms “communication” and “communicate” may refer tothe reception, receipt, transmission, transfer, provision, and/or thelike of information (e.g., data, signals, messages, instructions,commands, and/or the like). For one unit (e.g., a device, a system, acomponent of a device or system, combinations thereof, and/or the like)to be in communication with another unit means that the one unit is ableto directly or indirectly receive information from and/or transmitinformation to the other unit. This may refer to a direct or indirectconnection (e.g., a direct communication connection, an indirectcommunication connection, and/or the like) that is wired and/or wirelessin nature. Additionally, two units may be in communication with eachother even though the information transmitted may be modified,processed, relayed, and/or routed between the first and second unit. Forexample, a first unit may be in communication with a second unit eventhough the first unit passively receives information and does notactively transmit information to the second unit. As another example, afirst unit may be in communication with a second unit if at least oneintermediary unit (e.g., a third unit located between the first unit andthe second unit) processes information received from the first unit andcommunicates the processed information to the second unit. In somenon-limiting embodiments, a message may refer to a network packet (e.g.,a data packet, and/or the like) that includes data. It will beappreciated that numerous other arrangements are possible.

As used herein, the term “computing device” or “communication device” or“user device” may refer to one or more electronic devices configured toprocess data. A computing device may, in some examples, include thenecessary components to receive, process, and output data, such as aprocessor, a display, a memory, an input device, a network interface,and/or the like. A computing device may be a mobile device. As anexample, a mobile device may include a cellular phone (e.g., asmartphone or standard cellular phone), a portable computer, a wearabledevice (e.g., watches, glasses, lenses, clothing, and/or the like), apersonal digital assistant (PDA), and/or other like devices. A computingdevice may also be a desktop computer or other form of non-mobilecomputer. As used herein, the term “user interface” or “graphical userinterface” refers to a generated display, such as one or more graphicaluser interfaces (GUIs) with which a user may interact, either directlyor indirectly (e.g., through a keyboard, mouse, touchscreen, etc.).

An “Internet of Things device” may be an example of a “computer device.”An Internet of Things device may have a primary function that is relatedto or unrelated to communicating with other Internet of Things devicesor computers. For example, an Internet of Things device may be arefrigerator that, in addition to preserving food, is capable ofinteracting with one or more other Internet of Things devices. Examplesof remote communication capabilities include using a mobile phone(wireless) network, wireless data network (e.g., 3G, 4G or similarnetworks), Wi-Fi, Wi-Max, or any other communication medium that mayprovide access to a network such as the Internet or a private network.

As used herein, the term “issuer” or “issuer institution” or “issuerhost” may refer to one or more entities, such as a bank, that provideaccounts to customers for conducting transactions (e.g., paymenttransactions), such as initiating credit and/or debit payments. Forexample, an issuer institution may provide an account identifier, suchas a primary account number (PAN), to a customer that uniquelyidentifies one or more accounts associated with that customer. Theaccount identifier may be embodied on a payment device, such as aphysical financial instrument, e.g., a payment card, and/or may beelectronic and used for electronic payments.

In some embodiments, the term “issuer system” refers to one or morecomputer systems operated by or on behalf of an issuer institution, suchas a server computer executing one or more software applications. Forexample, an issuer system may include one or more authorization serversfor authorizing a transaction.

As used herein, the term “merchant” may refer to an individual or entitythat provides goods and/or services, or access to goods and/or services,to customers based on a transaction, such as a payment transaction. Asused herein, the term “merchant system” may refer to one or morecomputer systems operated by or on behalf of a merchant, such as aserver computer executing one or more software applications.

As used herein, the term “point-of-sale (POS) system,” may refer to oneor more computers and/or peripheral devices used by a merchant to engagein payment transactions with customers, including one or more cardreaders, near-field communication (NFC) receivers, RFID receivers,and/or other contactless transceivers or receivers, contact-basedreceivers, payment terminals, computers, servers, input devices, and/orother like devices that can be used to initiate a payment transaction.

As used herein, the term “payment device” may refer to a payment card(e.g., a credit or debit card), a gift card, a smartcard, smart media, apayroll card, a healthcare card, a wristband, a machine-readable mediumcontaining account data, a keychain device or fob, an RFID transponder,a retailer discount or loyalty card, a cellular phone, an electronicwallet mobile application, a personal digital assistant (PDA), a pager,a security card, a computer, an access card, a wireless terminal, atransponder, and/or the like. In some non-limiting embodiments, thepayment device may include volatile or non-volatile memory to storeinformation (e.g., an account identifier, a name of the account holder,and/or the like).

As used herein, the term “payment gateway” may refer to an entity and/ora payment processing system operated by or on behalf of such an entity(e.g., a merchant service provider, a payment service provider, apayment facilitator, a payment facilitator that contracts with anacquirer, a payment aggregator, and/or the like), which provides paymentservices (e.g., transaction service provider payment services, paymentprocessing services, and/or the like) to one or more merchants. Thepayment services may be associated with the use of payment devicesmanaged by a transaction service provider. As used herein, the term“payment gateway system” may refer to one or more computer systems,computer devices, servers, groups of servers, and/or the like operatedby or on behalf of a payment gateway.

As used herein, the term “server” may refer to or include one or morecomputing devices that are operated by or facilitate communication andprocessing for multiple parties in a network environment, such as theInternet, although it will be appreciated that communication may befacilitated over one or more public or private network environments andthat various other arrangements are possible. Further, multiplecomputing devices (e.g., servers, point-of-sale (POS) devices, mobiledevices, etc.) directly or indirectly communicating in the networkenvironment may constitute a “system.” Reference to “a server” or “aprocessor,” as used herein, may refer to a previously-recited serverand/or processor that is recited as performing a previous step orfunction, a different server and/or processor, and/or a combination ofservers and/or processors. For example, as used in the specification andthe claims, a first server and/or a first processor that is recited asperforming a first step or function may refer to the same or differentserver and/or a processor recited as performing a second step orfunction.

As used herein, the term “transaction service provider” may refer to anentity that receives transaction authorization requests from merchantsor other entities and provides guarantees of payment, in some casesthrough an agreement between the transaction service provider and anissuer institution. For example, a transaction service provider mayinclude a payment network such as Visa® or any other entity thatprocesses transactions. The term “transaction processing system” mayrefer to one or more computer systems operated by or on behalf of atransaction service provider, such as a transaction processing serverexecuting one or more software applications. A transaction processingserver may include one or more processors and, in some non-limitingembodiments, may be operated by or on behalf of a transaction serviceprovider.

FIG. 1 illustrates a system 100 in accordance with some embodiments. Insome embodiments, the system 100 includes a user device 110,internet-of-things devices (IOT) devices 112, a server 114, and adatabase 113. The system 100 generates a transaction-by-proxy model 151that is utilized by user device 110 and/or IOT devices 112 to generate atransaction-by-proxy in a transaction-by-proxy service provided for user105. In some embodiments, the transaction-by-proxy service is configuredto allow user device 110 and/or IOT devices 112 to make transactions(e.g., financial transactions, service transactions, etc.) on behalf ofuser 105 without the need for user 105 to directly request or approvethe transactions. Instead, behavior-related data corresponding to user105 is used to request and/or approve the transactions and generatetransactions that originate from user device 110 and/or IOT devices 112.As a result, the transaction-by-proxy generated utilizing thetransaction-by-proxy service may be used by user device 110 and/or MTdevices 112 to order products or services from a merchant or serviceprovider on behalf of user 105.

In some embodiments, user 105 initiates the transaction-by-proxy serviceby installing transaction-by-proxy application 194 onto user device 110.In some embodiments, the transaction-by-proxy application 194 isinstalled from a transaction-by-proxy unit 197 located on server 114. Insome embodiments, the transaction-by-proxy unit 197 is software locatedserver 114 that manages transaction-by-proxy application. 194 andtransaction-by-proxy application 195 in order to generate thetransaction-by-proxy output by, for example, user device 110 and/or eachIOT device of IOT devices 112. In some embodiments, transaction-by-proxyapplication 194 is application software installed on user device 110that, in addition to collecting behavior-related data associated withuser 105, serves as an access hub for user 105 to utilize thetransaction-by-proxy service. In some embodiments, users of thetransaction-by-proxy application 194 are able to access and control thetransaction-by-proxy services using the transaction-by-proxy application194.

In some embodiments, after the transaction-by-proxy application 194 isinstalled onto user device 110, user 105 registers user device 110 andIOT devices 112 with transaction-by-proxy unit 197 of server 114. Insome embodiments, registration of the devices may include providing adevice identifier and/or application programming interfaces (API)identifier for each device and communicating the identifier totransaction-by-proxy application 194 and server 114. In someembodiments, registration of the devices may include registering userdevice 110 as a control device and IOT devices 112 as non-controldevices with transaction-by-proxy unit 197 of server 114 using thetransaction-by-proxy application 194. In some embodiments, an IOT deviceof IOT devices 112 may be registered as a control device and the userdevice 110 may be registered as a non-control device. In someembodiments, by registering user device 110 as a control device, userdevice 110 is configured to control the IOT devices 112 that are used toprovide the transaction-by-proxy service from a centraltransaction-by-proxy location. In some embodiments, by registering IOTdevices 112 as non-control devices, the IOT devices 112 operate at thedirection of user device 110 even though the IOT devices 112 areconfigured to generate the transaction-by-proxy without directverification and authorization from user 105. For example, in someembodiments, because user device 110 is a control device and IOT devices112 are non-control devices, user device 110 is able to turn-on,turn-off, activate, and deactivate, the transaction-by-proxy servicethat is provided using the IOT devices 112 at the request of user 105.

In some embodiments, as part of the registration process,transaction-by-proxy application 195 is installed from server 114 ontoeach registered IOT device of IOT devices 112. In some embodiments,transaction-by-proxy application 195 is application software configuredto collect behavior-related data associated with user 105 and the IOTdevices 112 and generate the transaction-by-proxy based on atransaction-by-proxy behavior analysis of the behavior-related data. Insome embodiments, transaction-by-proxy application 195 is applicationsoftware configured to collect behavior-related data associated onlywith user 105 and generate the transaction-by-proxy based on atransaction-by-proxy behavior analysis of the behavior-related data. Insome embodiments, the behavior-related data collected by IOT devices 112and user device 110 may include, for example, the purchasing habits ofuser 105, the listening habits of user 105, the viewing habits of user105, the exercise habits of user 105, and the driving habits of user105. In some embodiments, the behavior-related purchasing habits of user105 may be used to, for example, purchase products habitually purchasedby user 105 using the specific user device 110 or IOT device 112. Insome embodiments, the listening habits of user 105 may be used to,purchase music, podcasts habitually listened to by user 105. In someembodiments, the exercise habits of user 105 may be used to purchase,for example, exercise gear, exercise services (e.g., services providedfrom an exercise trainer), or exercise equipment that are habituallyused by user 105 during routine exercises. In some embodiments, thedriving habits of user 105 are used to purchase, for example, tires, oilchange services, or other driving related products or services relatedto the driving habits of user 105.

In some embodiments, after the transaction-by-proxy application 195 isinstalled onto IOT devices 112 and transaction-by-proxy application 194is installed onto user device 110, both the transaction-by-proxyapplication 194 and transaction-by-proxy application 195 commence theprocess of collecting the behavior-related data associated with user105. In some embodiments, only the transaction-by-proxy application 194commences the process of collecting the behavior-related data associatedwith user 105. In some embodiments, as the behavior-related data isbeing collected, the collected behavior-related data is stored indatabase 113. In some embodiments, the behavior-related data issubsequently provided to a transaction-by-proxy model generation unit145 in server 114 for generation of a transaction-by-proxy model 151using the transaction-by-proxy analysis.

In some embodiments, the transaction-by-proxy model generation unit 145is software configured to utilize an artificial intelligence platformand machine learning techniques during the transaction-by-proxy analysisto generate transaction-by-proxy model 151 by analyzing the userbehavior-related data. In some embodiments, the transaction-by-proxymodel 151 is a machine learning model that is configured learn patternsof the behavior-related data of user 105. In some embodiments, thetransaction-by-proxy model 151 may be, for example, a binaryclassification model that is configured to generate transaction-by-proxypredictions by finding the patterns in the behavior-related data(described in further detail with reference to FIG. 2 ).

In some embodiments, the transaction-by-proxy model generation unit 145receives the behavior-related data from IOT devices 112 and/or userdevice 110 and commences the process of conducting thetransaction-by-proxy analysis to generate the transaction-by-proxy modelused by IOT devices 112 and user device 110 to generate thetransaction-by-proxy. In some embodiments, the transaction-by-proxymodel 151 generated by transaction-by-proxy model generation unit 145 isprovided to IOT devices 112 and/or user device 110 in order to generatetransactions-by-proxy on behalf of user 105 (described further hereinwith reference to FIG. 2 ).

FIG. 2 illustrates a system 200 in accordance with some embodiments. Insome embodiments, the system 200 includes IOT devices 112, a merchantsystem 221, a payment network 230, and an issuer 222. The system 200 isconfigured to utilize a transaction-by-proxy application 195 (installedon IOT devices 112) and a transaction-by-proxy model 151 (provided byserver 114) to generate a transaction-by-proxy on behalf of user 105. Insome embodiments, the transaction-by-proxy is generated without directverification or approval from user 105, instead, thetransaction-by-proxy is generated by transaction-by-proxy application195 using indirect verification that utilizes the behavior of user 105that may be received from, for example, transaction-by-proxy application194 (installed on user device 110), to verify or approve thetransaction-by-proxy, in some embodiments, using thetransaction-by-proxy services provided by transaction-by-proxyapplication 195, each IOT device of IOT devices 112 is configured toserve as a proxy for user 105 by generating the transaction-by-proxythat is used to order products or services from merchant system 221.

In some embodiments, transaction-by-proxy application 195 of an IOTdevice of IOT devices 112 receives the transaction-by-proxy model 151from server 114 or user device 110 and commences the process ofcontinuously collecting real-time behavior-related data associated withuser 105. In some embodiments, transaction-by-proxy application 195 usesthe real-time behavior-related data as input to transaction-by-proxymodel 151 and generates a transaction-by-proxy request prediction score.In some embodiments, the transaction-by-proxy request prediction scoreis a prediction indicator of the certainty that a given observationbelongs to a positive class (e.g., to request the transaction-by-proxy)or a negative class (e.g., to not request the transaction-by-proxy). Insome embodiments, the transaction-by-proxy request prediction score isused to determine whether to request the transaction-by-proxy or to notrequest the transaction-by-proxy.

In some embodiments, after the transaction-by-proxy request predictionscore is generated by transaction-by-proxy application 195, thetransaction-by-proxy request prediction score is compared to atransaction-by-proxy request classification threshold to determinewhether to initiate the transaction-by-proxy request. In someembodiments, the transaction-by-proxy request classification thresholdis a classification threshold that is used to interpret thetransaction-by-proxy request prediction score to determine whether torequest the transaction-by-proxy or not request thetransaction-by-proxy. In some embodiments, when the transaction-by-proxyapplication 195 determines that the transaction-by-proxy predictionscore is not greater than the transaction-by-proxy requestclassification threshold, the transaction-by-proxy is not requested andtransaction-by-proxy application 195 continues to collectbehavior-related data associated with user 105 and apply thebehavior-related data to transaction-by-proxy model 151. In someembodiments, when the transaction-by-proxy application 195 determinesthat the transaction-by-proxy request prediction score is greater thanthe transaction-by-proxy request classification threshold, thetransaction-by-proxy application 195 proceeds with determining whetherto approve the transaction-by-proxy request.

In some embodiments, in order to determine whether to approve thetransaction-by-proxy request, transaction-by-proxy application 195retrieves a transaction-by-proxy accuracy score and atransaction-by-proxy score time associated with the transaction-by-proxyfrom transaction-by-proxy unit 197 of server 114. In some embodiments,the transaction-by-proxy accuracy score is a score generated bytransaction-by-proxy unit 197 that is used by transaction-by-proxyapplication 195 to measure the predictive accuracy of thetransaction-by-proxy model 151. In some embodiments,transaction-by-proxy unit 197 may use, for example, a binaryclassification accuracy metric to generate the transaction-by-proxyaccuracy score. In some embodiments, the transaction-by-proxy score timeis a time generated by transaction-by-proxy unit 107 and provided totransaction-by-proxy application 195 that indicates the moment at whichthe transaction-by-proxy accuracy score was generated. In someembodiments, a transaction-by-proxy request time is a time generated bytransaction-by-proxy application 195 that indicates the moment at whichthe transaction-by-proxy request occurred. In some embodiments, thetransaction-by-proxy accuracy score, the transaction-by-proxy scoretime, and the transaction-by-proxy request time are all used bytransaction-by-proxy application 195 to approve the transaction-by-proxyrequest as described herein.

In some embodiments, after the transaction-by-proxy accuracy score andthe transaction-by-proxy score time are retrieved bytransaction-by-proxy application 195, transaction-by-proxy application195 compares the transaction-by-proxy accuracy score to atransaction-by-proxy accuracy threshold to determine whether thetransaction-by-proxy accuracy score meets or does not meet thetransaction-by-proxy accuracy threshold. In some embodiments, thetransaction-by-proxy accuracy threshold may be set at a value at which atransaction-by-proxy accuracy score above the transaction-by-proxyaccuracy threshold indicates that the model is highly accurate and atransaction-by-proxy accuracy score below the transaction-by-proxythreshold indicates that the model is moderately accurate or minimallyaccurate.

In some embodiments, when the transaction-by-proxy application 195determines that the transaction-by-proxy accuracy score does not meetthe transaction-by-proxy accuracy threshold, the transaction-by-proxyrequest is not approved and the transaction-by-proxy request is aborted.In some embodiments, when transaction-by-proxy application 195determines that the transaction-by-proxy accuracy score does meet thetransaction-by-proxy accuracy threshold, a request-to-score-timedifference between the transaction-by-proxy request time andtransaction-by-proxy accuracy score time is calculated bytransaction-by-proxy application 195 and the difference is compared to afirst transaction-by-proxy time range, a second transaction-by-proxytime range, and a third transaction-by-proxy time range.

In some embodiments, the first transaction-by-proxy time range is a timerange indicated by time values greater than a transaction-by-proxy timedifferential maximum threshold. In some embodiments, the secondtransaction-by-proxy time range is a time range indicated by time valuesbetween the transaction-by-proxy time differential maximum threshold anda transaction-by-proxy time differential minimum threshold. In someembodiments, the third transaction-by-proxy time range is a time rangeindicated by time values below the transaction-by-proxy timedifferential minimum threshold.

In some embodiments, when the transaction-by-proxy application 195determines the request-to-score-time difference is above thetransaction-by-proxy time differential maximum threshold (e.g., thefirst transaction-by-proxy time range), the transaction-by-proxy scoringtime is considered “not recent” and the transaction is not approved, andthe transaction-by-proxy is aborted. In some embodiments, when thetransaction-by-proxy application 195 determines the request-score-timedifference is above the transaction-by-proxy time differential minimumthreshold and below the transaction-by-proxy time differential maximumthreshold (i.e., the second transaction-by-proxy time range), thetransaction-by-proxy scoring time is considered “moderate” and theconsent of user 105 is required to approve the transaction-by-proxy.

In some embodiments, when the transaction-by-proxy application 195determines the request-score-time difference is below thetransaction-by-proxy time differential minimum threshold, thetransaction-by-proxy scoring time is considered “very recent” and thetransaction is approved. In some embodiments, when thetransaction-by-proxy request is approved by transaction-by-proxyapplication 195, the transaction-by-proxy is provided to merchant system221 to perform the requested financial transaction (e.g., purchase goodsor services using the IOT device as a proxy).

In some embodiments, merchant system 221 receives thetransaction-by-proxy from the IOT device of IOT devices 112 and providesthe transaction-by-proxy to issuer 222 via payment network 230 forapproval or disapproval. In some embodiments, the issuer 222 approves ordisapproves the financial transaction following the standard proceduresthat are typically utilized by payment networks to approve or disapproveof financial transactions. In some embodiments, the payment networks arenever made aware that the financial transaction is atransaction-by-proxy. In some embodiments, transaction-by-proxy model151 is updated with behavior-related data corresponding to the outcomeof the transaction-by-proxy and feedback is sent to user 105 to indicatethat a transaction-by-proxy has occurred.

FIG. 3 is an illustration of an exemplary combination system and methodassociated with generating a transaction-by-proxy in accordance withsome embodiments. In some embodiments, in step 320, the user 105installs transaction-by-proxy application 194 onto user device 110. Insome embodiments, at step 321, user 105 registers user device 110 as acontrol device and IOT devices 112 as non-control devices with server114 using the transaction-by-proxy application 194. In some embodiments,at step 323, as part of the registration process, server 114 downloadsthe transaction-by-proxy application 195 onto the registered IOT devices112. In some embodiments, at step 351, using a transaction-by-proxymodel 151 generated by transaction-by-proxy model generation unit 145based on behavior-related data collected by transaction-by-proxyapplication 194 and/or transaction-by-proxy application 195, aregistered IOT device of IOT devices 112 provides a transaction-by-proxyto merchant system 221.

In some embodiments, at step 355, the transaction-by-proxy is providedto payment network 230. In some embodiments, at step 360, thetransaction-by-proxy is provided to issuer 222 for approval or denial.In some embodiments, at step 365, an approval or denial of thetransaction-by-proxy is provided to payment network 230, andsubsequently merchant system 221 at step 370. In some embodiments, uponapproval of the transaction-by-proxy, the merchandise or serviceassociated with the transaction-by-proxy is provided to user 105. Insome embodiments, using the transaction-by-proxy services describedherein, the user 105 did not have to individually approve thetransaction in order for the merchandise or service associated with thetransaction-by-proxy to be provided to user 105.

FIG. 4 illustrates a method 400 for generating a transaction-by-proxymodel used in the transaction-by-proxy services provided herein inaccordance with some embodiments. The method, process steps, or stagesillustrated in FIG. 4 may be implemented as an independent routine orprocess, or as part of a larger routine or process. Note that eachprocess step or stage depicted may be implemented as an apparatus thatincludes a processor executing a set of instructions, a method, or asystem, among other embodiments. In some embodiments, the method 400 isdescribed with reference to FIG. 1 -FIG. 3 .

In some embodiments, at block 405, transaction-by-proxy application 194is installed onto user device 110. In some embodiments, as statedpreviously, in addition to collecting behavior-related informationassociated with user 105, the transaction-by-proxy application 194 isconfigured to serve as an access hub for user 105 to utilize thetransaction-by-proxy service.

In some embodiments, at block 410, user 105 registers user device 110and IOT devices 112 with server 114. For example, user 105 registersuser device 110 as a control device and IOT devices 112 as non-controldevices in the transaction-by-proxy service. In some embodiments, atblock 415, transaction-by-proxy application 195 is installed ontoregistered IOT device/s of IOT devices 112.

In some embodiments, at block 425, IOT devices 112 are authenticated bytransaction-by-proxy application 194 of user device 110. In someembodiments, the authentication process may include verification of theregistration of IOT devices 112. In some embodiments, at block 430,after the IOT devices 112 are authenticated, the IOT devices 112 arelinked to user device 110, via, for example, a Bluetooth, WiFi, or otherwireless connection. In some embodiments, at block 435,transaction-by-proxy application 195 and/or transaction-by-proxyapplication 194 collect and record the behavior of user 105 using userdevice 110 and/or IOT devices 112.

In some embodiments, at block 440, the behavior patterns of user 105 areextracted from behavior-related data using a transaction-by-proxyanalysis. In some embodiments, as part of the transaction-by-proxyanalysis, the transaction-by-proxy unit 197 determines whether thebehavior-related data is illegitimate user behavior data (e.g., noise)or legitimate user behavior data (e.g., not noise). In some embodiments,when the behavior-related data is legitimate user behavior-related data,the transaction-by-proxy model 151 is updated with new features in thebehavior-related data. In some embodiments, when the behavior-relateddata is not legitimate user behavior-related data; thetransaction-by-proxy model 151 is not updated with the features of thebehavior-related data and, if already present in thetransaction-by-proxy model 151, behavior-related data is removed fromthe transaction-by-proxy model 151. In some embodiments, at block 445, atransaction-by-proxy model 151 is generated as a result of thetransaction-by-proxy analysis that is used transaction-by-proxyapplication 195 to initiate a transaction-by-proxy. In some embodiments,at block 455, the transaction-by-proxy model is trained and updatedbased upon the behavior-related data collected by the user device 110and/or IOT devices 112. In some embodiments, at block 460, thetransaction-by-proxy model is provided to user device 110 and/or IOTdevices 112 in order to determine whether to initiate atransaction-by-proxy.

FIG. 5 illustrates a method 500 for generating atransaction-by-proxy-request for approval in accordance with someembodiments. The method, process steps, or stages illustrated in FIG. 5may be implemented as an independent routine or process, or as part of alarger routine or process. Note that each process step or stage depictedmay be implemented as an apparatus that includes a processor executing aset of instructions, a method, or a system, among other embodiments. Insome embodiments, the method 500 is described with reference to FIG. 1-FIG. 4 .

In some embodiments, at block 515, IOT devices 112 and/or user device110 receive the transaction-by-proxy model 151 from, for example, server114. In some embodiments, at block 525, a transaction-by-proxy requestprediction score is generated by the transaction-by-proxy application(e.g., transaction-by-proxy application 194 and/or transaction-by-proxyapplication 195) based on the behavior of user 105 (e.g.,behavior-related data) using a trained transaction-by-proxy model 151.In some embodiments, at block 530, the transaction-by-proxy requestprediction score is updated with the newly generatedtransaction-by-proxy request prediction score. In some embodiments, atblock 535, the transaction-by-proxy application determines whether thetransaction-by-proxy request prediction score meets atransaction-by-proxy request classification threshold.

In some embodiments, at block 535, when the transaction-by-proxyapplication determines the transaction-by-proxy request prediction scoredoes not meet the transaction-by-proxy request classification threshold,the transaction-by-proxy request is not yet assessed for approval andthe method feeds back to block 530. In some embodiments, at block 540,when the transaction-by-proxy application determines thetransaction-by-proxy request prediction score does meet thetransaction-by-proxy request classification threshold at block 535, thetransaction-by-proxy request is submitted for approval as described withreference to FIG. 6 .

FIG. 6 illustrates a method 600 for determining whether to approve atransaction-by-proxy request in accordance with some embodiments. Themethod, process steps, or stages illustrated in FIG. 6 may beimplemented as an independent routine or process, or as part of a largerroutine or process. Note that each process step or stage depicted may beimplemented as an apparatus that includes a processor executing a set ofinstructions, a method, or a system, among other embodiments. In someembodiments, the method 600 is described with reference to FIG. 1 -FIG.5 .

In some embodiments, at block 610, a transaction-by-proxy accuracy scoreand a transaction-by-proxy accuracy score time is generated by, forexample, transaction-by-proxy unit 197 of server 114. In someembodiments, at block 615, after the transaction-by-proxy accuracy scoreand the transaction-by-proxy accuracy score time are generated by thetransaction-by-proxy unit 197 at block 610, transaction-by-proxyapplication (e.g., transaction-by-proxy application 194 and/ortransaction-by-proxy application 195) retrieves the transaction-by-proxyaccuracy score and the transaction-by-proxy accuracy score timeassociated with the transaction-by-proxy accuracy score fromtransaction-by-proxy unit 197. In some embodiments, at block 625, thetransaction-by-proxy application analyzes the transaction-by-proxyaccuracy score and the transaction-by-proxy accuracy score time. In someembodiments, at block 630, the transaction-by-proxy applicationdetermines whether the transaction-by-proxy accuracy score meets atransaction-by-proxy accuracy threshold.

In some embodiments, at block 650, when the transaction-by-proxyaccuracy score does not meet the transaction-by-proxy accuracythreshold, the transaction-by-proxy request is not approved and thetransaction-by-proxy request is aborted. In some embodiments, at block635, when the transaction-by-proxy accuracy score does meet thetransaction-by-proxy accuracy threshold, a difference between atransaction-by-proxy request time and a transaction-by-proxy accuracyscore time (e.g., a request-score time difference) is assessed todetermine whether the request-score time difference falls within anacceptable time range. In some embodiments, at block 640, when therequest-score time difference does not fall within an acceptable timerange, the transaction-by-proxy request is aborted. In some embodiments,at block 640, when the request-score time difference falls within anacceptable time range, the transaction-by-proxy request is approved andthe transaction-by-proxy is generated and transmitted to the merchantsystem 221 for the purchase of goods or services. In some embodiments,at block 645, after the transaction-by-proxy request is approved atblock 640 and after the transaction-by-proxy is aborted at block 650,feedback is sent to user 105 to indicate that a transaction-by-proxy hasoccurred or has not occurred and the transaction-by-model is updatedaccordingly.

FIG. 7 illustrates a block diagram of an exemplary system 700 forimplementing embodiments consistent with the present disclosure. In somenonlimiting embodiments or aspects, the system 700 may utilize atransaction-by-proxy service to implement a method for generating atransaction-by-proxy on behalf of user 105. In some embodiments, thesystem may be, for example, an IOT device. In some embodiments, aprocessor 702 may comprise at least one data processor for executingprogram components for dynamic resource allocation at run time. Theprocessor 702 may include specialized processing units such asintegrated system (bus) controllers, memory management control units,floating point units, graphics processing units, digital signalprocessing units, etc.

In some embodiments, the processors 702 may be disposed in communicationwith one or more input/output (I/O) devices (not shown) via an I/Ointerface 701. The I/O interface 701 may employ communicationprotocols/methods such as, without limitation, audio, analog, digital,monoaural, RCA, stereo, IEEE-1394, serial bus, universal serial bus(USB), infrared, PS/2, BNC, coaxial, component, composite, digitalvisual interface (DVI), high-definition multimedia interface (HDMi), RFantennas, S-Video, VGA, IEEE 802.1 n/b/g/n/x, Bluetooth®, cellular(e.g., code-division multiple access (CDMA), high-speed packet access(HSPA+), global system for mobile communications (GSM), long-termevolution (LTE), WiMax®, or the like), etc.

In some embodiments, using the I/O interface 701, the system 700 maycommunicate with one or more I/O devices. For example, an input device710 may be an antenna, keyboard, mouse, joystick, (infrared) remotecontrol, camera, card reader, fax machine, dongle, biometric reader,microphone, touch screen, touchpad, trackball, stylus, scanner, storagedevice, transceiver, video device/source, etc. An output device may be aprinter, fax machine, video display (e.g., cathode ray tube (CRT),liquid crystal display (LCD), light-emitting diode (LED), plasma, Plasmadisplay panel (PDP), Organic light-emitting diode display (OLED) or thelike), audio speaker, etc.

In some embodiments, the processors 702 may be disposed in communicationwith the communication network via a network interface 703. The networkinterface 703 may communicate with the communication network. Thenetwork interface 703 may employ connection protocols including, withoutlimitation, direct connect, Ethernet (e.g., twisted pair 10/100/1000Base T), transmission control protocol/Internet protocol (TCP/IP), tokenring, IEEE 802.11a/b/g/n/x, etc. The communication network may include,without limitation, a direct interconnection, e-commerce network, a peerto peer (P2P) network, local area network (LAN), wide area network(WAN), wireless network (e.g., using Wireless Application Protocol), theinternet, Wi-Fi®, etc. Using the network interface 703) and thecommunication network, the system 700 may communicate with the one ormore service operators.

In some non-limiting embodiments or aspects, the processors 702 may bedisposed in communication with a memory 705 (e.g., RAM, ROM, etc. notshown in FIG. 7 via a storage interface 704. In some embodiments, thestorage interface 704 may connect to memory 705 including, withoutlimitation, memory drives, removable disc drives, etc., employingconnection protocols such as serial advanced technology attachment(SATA), Integrated Drive Electronics (IDE), IEEE-1394, Universal SerialBus (USB), fiber channel, Small Computer Systems interface (SCSI), etc.The memory drives may further include a drum, magnetic disc drive,magneto-optical drive, optical drive, Redundant Array of IndependentDiscs (RAID), solid-state memory devices, solid-state drives, etc.

In some embodiments, the memory 705 may store a collection of program ordatabase components, including, without limitation, a user interface706, an operating system 707, a web server, etc. In some non-limitingembodiments or aspects, the system 700 may store user/application data,such as the data, variables, records, etc. as described in thisdisclosure. Such databases may be implemented as fault-tolerant,relational, scalable, secure databases such as Oracle or Sybase.

In some embodiments, the operating system 707 may facilitate resourcemanagement and operation of the system 700. Examples of operatingsystems include, without limitation, APPLE® MACINTOSH® OS X®, UNIX®,UNIX-like system distributions (E.G., BERKELEY SOFTWARE DISTRIBUTION®(BSD), FREEBSD®, NETBSD®, OPENBSD, etc.), LINUX® DISTRIBUTIONS (E.G.,RED HAT®, UBUNTU®, KUBUNTU®, etc.), IBM®OS/2®, MICROSOFT® WINDOWS® (XP®,VISTA®/7/8, 10 etc.), APPLE® OS®, GOOGLE™ ANDROID™, BLACKBERRY® OS, orthe like.

In some non-limiting embodiments or aspects, the system 700 mayimplement a web browser (not shown in the figures) stored programcomponent. The web browser (not shown in the figures) may be a hypertextviewing application, such as MICROSOFT® INTERNET EXPLORER®, GOOGLE™CHROME™, MOZILLA® FIREFOX®, APPLE® SAFARI®, etc. Secure web browsing maybe provided using Secure Hypertext Transport Protocol (HTTPS), SecureSockets Layer (SSL), Transport Layer Security (TLS), etc. Web browsersmay utilize facilities such as AJAX, DHTML, ADOBE® FLASH®, JAVASCRIPT®,JAVA®, Application Programming Interfaces (APIs), etc.

Furthermore, one or more computer-readable storage media may be utilizedin implementing embodiments consistent with the present disclosure. Insome embodiments, a computer-readable storage medium refers to any typeof physical memory on which information or data readable by a processormay be stored. Thus, a computer-readable storage medium may storeinstructions for execution by one or more processors, includinginstructions for causing the processor(s) to perform steps or stagesconsistent with the embodiments described herein. The term“computer-readable medium” should be understood to include tangibleitems and exclude carrier waves and transient signals, e.g.,non-transitory. Examples include Random Access Memory (RAM), Read-OnlyMemory (ROM), volatile memory, non-volatile memory, hard drives, CompactDisc (CD) ROMs, Digital Video Disc (DVDs), flash drives, disks, and anyother known physical storage media.

In some embodiments, a computer-implemented method, includes registeringa user device and a first internet-of-things (IOT) device for use in atransaction-by-proxy service; collecting behavior-related dataassociated with a user of the user device and the first IOT device; andusing the behavior-related data as part of the transaction-by-proxyservice to generate a transaction-by-proxy at the first IOT device onbehalf of the user of the user device.

In some embodiments, the computer-implemented method further includesgenerating a transaction-by-proxy model using the behavior-related dataassociated with the user.

In some embodiments, the computer-implemented method further includestraining the transaction-by-proxy model to determine whether to generatea request for the transaction-by-proxy.

In some embodiments of the computer-implemented method, thetransaction-by-proxy generated using the transaction-by-proxy servicedoes not require the user of the user device to give authorizationduring the generation of the transaction-by-proxy.

In some embodiments, the computer-implemented method further includesgenerating a transaction-by-proxy request prediction score to determinewhether to generate the request for the transaction-by-proxy.

In some embodiments of the computer-implemented method, in order todetermine whether to generate the request for the transaction-by-proxy,the transaction-by-proxy request prediction score is compared to atransaction-by-proxy request classification threshold.

In some embodiments of the computer-implemented method, in order todetermine whether to approve the request for the transaction-by-proxy, atransaction-by-proxy accuracy score is compared to atransaction-by-proxy accuracy threshold.

In some embodiments of the computer-implemented method, in addition tousing the transaction-by-proxy accuracy score to approve the request forthe transaction-by-proxy, a transaction-by-proxy request time associatedwith the request for the transaction-by-proxy is used to approve therequest for the transaction-by-proxy.

In some embodiments of the computer-implemented method, a differencebetween the transaction-by-proxy request time and a transaction-by-proxyaccuracy score is used to approve the request for thetransaction-by-proxy.

In some embodiments of the computer-implemented method, thetransaction-by-proxy generated using the transaction-by-proxy serviceincludes making a payment for a service or product provided as a resultof the approval of the request for the transaction-by-proxy.

In some embodiments, an internet-of-things (IOT) device includes aprocessor; and a non-transitory computer readable medium coupled to theprocessor, the non-transitory computer readable medium comprising code,that when executed by the processor, causes the processor to: collectbehavior-related data associated with a user of the IOT device; and usethe behavior-related data to generate a transaction-by-proxy at the IOTdevice on behalf of the user of the IOT device.

In some embodiments of the IOT device, wherein the code, when executedby the processor, further causes the processor to: utilize atransaction-by-proxy model that is generated using the behavior-relateddata associated with the user.

In some embodiments of the IOT device, the transaction-by-proxy model istrained to determine whether to generate a request for thetransaction-by-proxy.

In some embodiments of the IOT device, the code, when executed by theprocessor, further causes the processor to: generate atransaction-by-proxy request prediction score to determine whether togenerate the request for the transaction-by-proxy.

In some embodiments of the IOT device, the code, when executed by theprocessor, further causes the processor to: compare thetransaction-by-proxy request prediction score to a transaction-by-proxyrequest classification threshold in order to determine whether togenerate the request the transaction-by-proxy.

In some embodiments of the IOT device, the code, when executed by theprocessor, further causes the processor to: compare atransaction-by-proxy accuracy score to a transaction-by-proxy accuracythreshold to determine whether to approve the request for thetransaction-by-proxy.

In some embodiments of the IOT device, the code, when executed by theprocessor, further causes the processor to: use a transaction-by-proxyaccuracy score time and a transaction-by-proxy request time to approvethe request for the transaction-by-proxy.

In some embodiments, a system includes a transaction-by-proxy modelgeneration unit; and a transaction-by-proxy generator coupled to thetransaction-by-proxy model generation unit, wherein atransaction-by-proxy application located at the transaction-by-proxygenerator is configured to use a transaction-by-proxy model generated bythe transaction-by-proxy model generation unit to initiate atransaction-by-proxy on behalf of the user.

In some embodiments of the system, the transaction-by-proxy applicationgenerates a transaction-by-proxy accuracy score that is used todetermine whether to approve a request for the transaction-by-proxy.

In some embodiments of the system, the transaction-by-proxy accuracyscore is compared to a transaction-by-proxy accuracy threshold todetermine whether to approve the request for the transaction-by-proxy.

What is claimed is:
 1. A computer-implemented method, comprising:registering a user device and a first internet-of-things (IOT) devicefor use in a transaction-by-proxy service; collecting behavior-relateddata associated with a user of the user device and the first IOT device;and using the behavior-related data as part of the transaction-by-proxyservice to generate a transaction-by-proxy at the first IOT device onbehalf of the user of the user device.
 2. The computer-implementedmethod of claim 1, further comprising: generating a transaction-by-proxymodel using the behavior-related data associated with the user.
 3. Thecomputer-implemented method of claim 2, further comprising: training thetransaction-by-proxy model to determine whether to generate a requestfor the transaction-by-proxy.
 4. The computer-implemented method ofclaim 3, wherein: the transaction-by-proxy generated using thetransaction-by-proxy service does not require the user of the userdevice to give authorization during the generation of thetransaction-by-proxy.
 5. The computer-implemented method of claim 4,further comprising: generating a transaction-by-proxy request predictionscore to determine whether to generate the request for thetransaction-by-proxy.
 6. The computer-implemented method of claim 5,wherein: in order to determine whether to generate the request for thetransaction-by-proxy, the transaction-by-proxy request prediction scoreis compared to a transaction-by-proxy request classification threshold.7. The computer-implemented method of claim 6, wherein: in order todetermine whether to approve the request for the transaction-by-proxy, atransaction-by-proxy accuracy score is compared to atransaction-by-proxy accuracy threshold.
 8. The computer-implementedmethod of claim 7, wherein: in addition to using thetransaction-by-proxy accuracy score to approve the request for thetransaction-by-proxy, a transaction-by-proxy request time associatedwith the request for the transaction-by-proxy is used to approve therequest for the transaction-by-proxy.
 9. The computer-implemented methodof claim 8, wherein: a difference between the transaction-by-proxyrequest time and a transaction-by-proxy accuracy score is used toapprove the request for the transaction-by-proxy.
 10. Thecomputer-implemented method of claim 9, wherein: thetransaction-by-proxy generated using the transaction-by-proxy serviceincludes making a payment for a service or product provided as a resultof the approval of the request for the transaction-by-proxy.
 11. Aninternet-of-things (IOT) device, comprising: a processor; and anon-transitory computer readable medium coupled to the processor, thenon-transitory computer readable medium comprising code, that whenexecuted by the processor, causes the processor to: collectbehavior-related data associated with a user of the IOT device; and usethe behavior-related data to generate a transaction-by-proxy at the IOTdevice on behalf of the user of the IOT device.
 12. The IOT device ofclaim 11, wherein the code, when executed by the processor, furthercauses the processor to: utilize a transaction-by-proxy model that isgenerated using the behavior-related data associated with the user. 13.The IOT device of claim 12, wherein: the transaction-by-proxy model istrained to determine whether to generate a request for thetransaction-by-proxy.
 14. The IOT device of claim 13, wherein the code,when executed by the processor, further causes the processor to:generate a transaction-by-proxy request prediction score to determinewhether to generate the request for the transaction-by-proxy.
 15. TheIOT device of claim 14, wherein the code, when executed by theprocessor, further causes the processor to: compare thetransaction-by-proxy request prediction score to a transaction-by-proxyrequest classification threshold in order to determine whether togenerate the request the transaction-by-proxy.
 16. The IOT device ofclaim 15, wherein the code, when executed by the processor, furthercauses the processor to: compare a transaction-by-proxy accuracy scoreto a transaction-by-proxy accuracy threshold to determine whether toapprove the request for the transaction-by-proxy.
 17. The IOT device ofclaim 16, wherein the code, when executed by the processor, furthercauses the processor to: use a transaction-by-proxy accuracy score timeand a transaction-by-proxy request time to approve the request for thetransaction-by-proxy.
 18. A system, comprising: a transaction-by-proxymodel generation unit; and a transaction-by-proxy generator coupled tothe transaction-by-proxy model generation unit, wherein atransaction-by-proxy application located at the transaction-by-proxygenerator is configured to use a transaction-by-proxy model generated bythe transaction-by-proxy model generation unit to initiate atransaction-by-proxy on behalf of the user.
 19. The system of claim 18,wherein: the transaction-by-proxy application generates atransaction-by-proxy accuracy score that is used to determine whether toapprove a request for the transaction-by-proxy.
 20. The system of claim19, wherein: the transaction-by-proxy accuracy score is compared to atransaction-by-proxy accuracy threshold to determine whether to approvethe request for the transaction-by-proxy.